US6397270B1 - System for indirect communication between two computers, each having write access to its own portion of a dual-access disk drive and read access to the entire drive - Google Patents
System for indirect communication between two computers, each having write access to its own portion of a dual-access disk drive and read access to the entire drive Download PDFInfo
- Publication number
- US6397270B1 US6397270B1 US09/225,409 US22540999A US6397270B1 US 6397270 B1 US6397270 B1 US 6397270B1 US 22540999 A US22540999 A US 22540999A US 6397270 B1 US6397270 B1 US 6397270B1
- Authority
- US
- United States
- Prior art keywords
- computer
- disk drive
- network
- access
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/80—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
Definitions
- the present invention relates generally to improvements to secure information transfer. More particularly, the invention relates to an advantageous dual-access disk drive system for secure transfer of information between different entities.
- Immense amounts of information need to be transferred daily. Much of this information must be transferred between different entities, such as corporations, who have no fiduciary relationship toward one another, and which may be competitors which do not trust one another. Often a customer will need to transfer large amounts of information to a vendor, and the vendor will work with the information and transfer a finished product to the customer. The finished product may likewise be an information-intensive product whose value lies primarily in the information it contains. There is an ongoing need for convenient and rapid information transfer, which is best met in many cases, by electronic transfer. This includes transfer of computer files, which are able to contain or represent many different types of information. Transferring information between computers in the form of computer files is one of the fastest and easiest ways to transfer large amounts of information.
- data transfer can be accomplished by implementing a computer network and connecting each part of the organization to a computer network.
- Transfer over a network does, involve a degree of complexity because of the need to implement network protocols for information transfer, which require application programs for their implementation.
- Data transfer between different organizations, such as business competitors, requires successful processing and transfer of the data, with additional complexity introduced because of the need to address security concerns.
- a data transfer system and method according to the present invention employs a dual-access disk drive adapted to allow simultaneous access by two or more different computers.
- the disk drive is adapted to allow each computer write access to a portion of the disk and read access to the entire disk.
- Each computer connected to the disk drive is allowed write access to a separate portion of the disk.
- the disk serves as a repository of information.
- Each of the different computers writes information to the disk, the information being readable by the other of the different computers. It is thus possible for two separate computers to transfer information by depositing and retrieving the information in a jointly accessible location, without a need for either computer to have a direct connection or access to the other computer. This provides physical security to each computer, as each computer is physically isolated from the other computer.
- the disk is adapted to prevent conflicting access by the different computers, for example, attempts by different ones of the different computers to read or write the disk inappropriately.
- the data transfer is accomplished with a minimum of complexity, because the data is transferred through direct physical connection to the repository of information, without the need for complex networking protocols.
- FIG. 1 illustrates a dual-access disk drive transfer system according to the present invention
- FIG. 2 illustrates an alternative embodiment of a dual-access disk drive transfer system according to another aspect of the present invention.
- FIG. 3 illustrates the steps of a method according to the present invention for transfer of information using a dual-access disk drive.
- FIG. 1 illustrates a dual-access disk drive information transfer system 100 according to the present invention.
- the system 100 includes a disk drive 102 having a disk 104 and ports 104 A and 104 A.
- the ports 104 A and 104 B may suitably be included within a disk controller 108 which controls operation of the disk 104 and data transfer to and from the disk drive 102 .
- the system 100 further includes a first computer 110 and a second computer 112 .
- the first computer 110 and the second computer 112 are typically owned by separate entities.
- the first computer 110 is typically connected to a first network 114 and the second computer 112 is typically connected to a second network 116 .
- the first computer 110 and the second computer 112 communicate with the disk drive 102 via the controller 108 .
- the first computer 110 and the second computer 112 transfer data to the controller 108 through the ports 104 A and 104 B, and also communicate with the controller 108 through the ports 104 A and 104 B.
- the computers 110 and 112 communicate requests to read and write to the disk 104 , and these requests are received and answered by the controller 108 , which controls disk access and prevents conflicts such as attempts by both of the computers 110 and 112 to read or write to the disk 102 at the same time.
- the computers 110 and 112 would each be located a short physical distance from the disk drive 102 , typically on the order of a few feet away, and be physically connected to the disk drive 102 .
- Each of the computers 110 and 112 would be connected to its network 114 or 116 , respectively, through a network interface. Each of the computers 110 and 112 sees the disk drive 102 as simply another disk drive attached to it. Moreover, it is possible to set up the networks 114 and 116 so that each computer on the network 114 sees the disk drive 102 as simply another volume on the network 114 , and each computer on the network 116 likewise sees the disk drive 102 as another volume on the network 116 . The fact that the disk drive 102 is connected to more than one computer is transparent to each of computers 110 and 112 .
- an appropriate computer on the network 114 When it is desired to transfer data from the network 114 to the network 116 , an appropriate computer on the network 114 simply directs the writing of a file to the disk drive 102 , and then an appropriate computer on the network 116 directs the reading of the file from the disk drive 102 .
- the controller 106 handles the read and write requests and prevents conflicts.
- Provisions may suitably be made in the networks 114 and 116 to warn users that the disk drive 102 is accessible by a separate network. For example, a dialog box may appear with a security alert reminding a user who attempts to transfer a file to the disk drive 102 that the disk drive 102 is accessible by another entity, and asking for confirmation that the user really does intend to transfer the file to the disk drive 102 . Additionally, each of the networks 114 and 116 may log transfers of files to the disk drive 102 .
- FIG. 2 illustrates a secure data transfer system 200 according to another aspect of the present invention.
- the system 200 includes a disk drive 202 , which preferably includes a disk 204 and a controller 206 .
- the controller 206 controls operation of the disk drive 202 and transfers data to and from the disk drive 202 through a port 208 .
- the data transfer system 200 also includes a first computer 210 and a second computer 212 .
- the system 200 also includes a Small Systems Control Interface (SCSI) connection 214 between the first computer 210 and the second computer 212 .
- the disk drive 202 is also connected to the SCSI connection 214 , through the port 208 , so that the SCSI connection 214 serves as a connection between the disk drive 202 and each of the first computer 210 and the second computer 212 .
- SCSI Small Systems Control Interface
- FIG. 3 illustrates the steps of a method 300 for secure data transfer according to the present invention.
- a dual access disk drive is provided, similar to the disk drive 102 of FIG. 1 .
- a first computer and a second computer are connected to the disk drive, with each of the first computer and the second computer having write access to a preassigned segment of the disk drive, for example half, and each of the first computer and the second computer having read access to the entire disk drive. While read access to the entire disk is presently preferred, read access may be limited to a preassigned segment less than the entire disk, but greater than the write access segment.
- Each of the first and second computers may be connected to a first and second network, respectively.
- the first computer writes data to the dual-access disk drive.
- the data written to the dual-access disk drive by the first computer may be data provided to the first computer by the first network.
- the second computer reads data from the dual access disk drive.
- the second computer may provide the data read from the dual-access disk drive to the second network.
- the first computer reads data from the dual-access disk drive.
- the data read from the dual-access disk drive by the first computer may be provided to the first network by the first computer.
- the second computer writes data to the dual access disk drive.
- the data written to the dual-access disk drive by the second computer may be data provided to the second computer by the second network.
- Steps 306 - 312 need not be, and typically are not, executed in sequence, but rather each step is executed individually as one or the other of the first or second computers needs to read data from or write data to the dual-access disk drive.
- the dual-access disk drive controls operation and prevents conflicts such as simultaneous attempts at access by each of the first computer and the second computer.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
Description
Claims (15)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/225,409 US6397270B1 (en) | 1999-01-05 | 1999-01-05 | System for indirect communication between two computers, each having write access to its own portion of a dual-access disk drive and read access to the entire drive |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/225,409 US6397270B1 (en) | 1999-01-05 | 1999-01-05 | System for indirect communication between two computers, each having write access to its own portion of a dual-access disk drive and read access to the entire drive |
Publications (1)
Publication Number | Publication Date |
---|---|
US6397270B1 true US6397270B1 (en) | 2002-05-28 |
Family
ID=22844754
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/225,409 Expired - Lifetime US6397270B1 (en) | 1999-01-05 | 1999-01-05 | System for indirect communication between two computers, each having write access to its own portion of a dual-access disk drive and read access to the entire drive |
Country Status (1)
Country | Link |
---|---|
US (1) | US6397270B1 (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030233370A1 (en) * | 2000-10-13 | 2003-12-18 | Miosoft Corporation, A Delaware Corporation | Maintaining a relationship between two different items of data |
US20030236849A1 (en) * | 2002-05-21 | 2003-12-25 | Hitachi, Ltd. | Data linkage method and system |
US6771446B1 (en) * | 2000-02-28 | 2004-08-03 | Seagate Technology Llc | Method and apparatus for disc drive data security using a servo wedge |
US20040267807A1 (en) * | 2000-10-13 | 2004-12-30 | Miosoft Corporation, A Delaware Corporation | Persistent data storage techniques |
US20060242401A1 (en) * | 2005-04-22 | 2006-10-26 | Digi International Inc. | Recognition of devices connected to a console server |
DE102016220452B4 (en) | 2015-11-01 | 2022-08-04 | International Business Machines Corporation | Data transfer via a data storage drive |
DE112018002178B4 (en) | 2017-07-13 | 2024-09-19 | International Business Machines Corporation | FILE TRANSFER IN SHARED STORAGE |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5247616A (en) * | 1989-10-23 | 1993-09-21 | International Business Machines Corporation | Computer system having different communications facilities and data transfer processes between different computers |
US5528768A (en) * | 1989-09-29 | 1996-06-18 | Siemens Aktiengesellschaft | Multiprocessor communication system having a paritioned main memory where individual processors write to exclusive portions of the main memory and read from the entire main memory |
US5701513A (en) * | 1991-01-08 | 1997-12-23 | Kabushiki Kaisha Toshiba | System for independently transferring data between a plurality of disk drives and plurality of hosts in the order of drives completing disk preparation operations |
US5983226A (en) * | 1996-12-30 | 1999-11-09 | Mci World Com, Inc. | System for real-time device data management |
US5987506A (en) * | 1996-11-22 | 1999-11-16 | Mangosoft Corporation | Remote access and geographically distributed computers in a globally addressable storage environment |
US6098179A (en) * | 1998-01-22 | 2000-08-01 | Digital Equipment Corporation | Method and apparatus for performing error detection |
US6115797A (en) * | 1996-09-02 | 2000-09-05 | Hitachi, Ltd. | Method and system for sharing storage device via mutually different interfaces |
US6138248A (en) * | 1997-01-17 | 2000-10-24 | Hitachi, Ltd. | Common disk unit multi-computer system |
-
1999
- 1999-01-05 US US09/225,409 patent/US6397270B1/en not_active Expired - Lifetime
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5528768A (en) * | 1989-09-29 | 1996-06-18 | Siemens Aktiengesellschaft | Multiprocessor communication system having a paritioned main memory where individual processors write to exclusive portions of the main memory and read from the entire main memory |
US5247616A (en) * | 1989-10-23 | 1993-09-21 | International Business Machines Corporation | Computer system having different communications facilities and data transfer processes between different computers |
US5701513A (en) * | 1991-01-08 | 1997-12-23 | Kabushiki Kaisha Toshiba | System for independently transferring data between a plurality of disk drives and plurality of hosts in the order of drives completing disk preparation operations |
US6115797A (en) * | 1996-09-02 | 2000-09-05 | Hitachi, Ltd. | Method and system for sharing storage device via mutually different interfaces |
US5987506A (en) * | 1996-11-22 | 1999-11-16 | Mangosoft Corporation | Remote access and geographically distributed computers in a globally addressable storage environment |
US5983226A (en) * | 1996-12-30 | 1999-11-09 | Mci World Com, Inc. | System for real-time device data management |
US6138248A (en) * | 1997-01-17 | 2000-10-24 | Hitachi, Ltd. | Common disk unit multi-computer system |
US6098179A (en) * | 1998-01-22 | 2000-08-01 | Digital Equipment Corporation | Method and apparatus for performing error detection |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6771446B1 (en) * | 2000-02-28 | 2004-08-03 | Seagate Technology Llc | Method and apparatus for disc drive data security using a servo wedge |
US7587428B2 (en) * | 2000-10-13 | 2009-09-08 | Microsoft Corporation | Maintaining a relationship between two different items of data |
US9189536B2 (en) | 2000-10-13 | 2015-11-17 | Miosoft Corporation | Maintaining a relationship between two different items of data |
US20040267807A1 (en) * | 2000-10-13 | 2004-12-30 | Miosoft Corporation, A Delaware Corporation | Persistent data storage techniques |
US9830348B2 (en) | 2000-10-13 | 2017-11-28 | Miosoft Corporation | Persistent data storage techniques |
US8935225B2 (en) | 2000-10-13 | 2015-01-13 | Miosoft Corporation | Persistent data storage techniques |
US20030233370A1 (en) * | 2000-10-13 | 2003-12-18 | Miosoft Corporation, A Delaware Corporation | Maintaining a relationship between two different items of data |
US7689560B2 (en) | 2000-10-13 | 2010-03-30 | Miosoft Corporation | Persistent data storage techniques |
US20100153397A1 (en) * | 2000-10-13 | 2010-06-17 | Miosoft Corporation | Maintaining a relationship between two different items of data |
US8489567B2 (en) | 2000-10-13 | 2013-07-16 | Microsoft Corporation | Persistent data storage techniques |
US7197554B2 (en) * | 2002-05-21 | 2007-03-27 | Hitachi, Ltd. | Data linkage method and system |
US20030236849A1 (en) * | 2002-05-21 | 2003-12-25 | Hitachi, Ltd. | Data linkage method and system |
US20060242401A1 (en) * | 2005-04-22 | 2006-10-26 | Digi International Inc. | Recognition of devices connected to a console server |
DE102016220452B4 (en) | 2015-11-01 | 2022-08-04 | International Business Machines Corporation | Data transfer via a data storage drive |
DE112018002178B4 (en) | 2017-07-13 | 2024-09-19 | International Business Machines Corporation | FILE TRANSFER IN SHARED STORAGE |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6446209B2 (en) | Storage controller conditioning host access to stored data according to security key stored in host-inaccessible metadata | |
CA1227885A (en) | Secure data processing system architecture | |
CN100407174C (en) | Data protection program and data protection method | |
US6343324B1 (en) | Method and system for controlling access share storage devices in a network environment by configuring host-to-volume mapping data structures in the controller memory for granting and denying access to the devices | |
US8301909B2 (en) | System and method for managing external storage devices | |
US7124265B2 (en) | Storage system which controls access to logical devices by permitting attribute modes for logical devices to be set | |
US20080126813A1 (en) | Storage control device and method of controlling encryption function of storage control device | |
US9116900B2 (en) | Methods for controlling remote archiving systems | |
US8205052B2 (en) | Preventing operations from unauthorized users on paired storage volumes | |
US20030126225A1 (en) | System and method for peripheral device virtual functionality overlay | |
US20050210041A1 (en) | Management method for data retention | |
US20090150606A1 (en) | Information processing system having volume guard function | |
US20050086447A1 (en) | Program and apparatus for blocking information leaks, and storage medium for the program | |
EP2045807A1 (en) | Methods for control of digital shredding of media | |
US6631453B1 (en) | Secure data storage device | |
CN101263463B (en) | Transactional sealed storage | |
US8291179B2 (en) | Methods for implementation of worm enforcement in a storage system | |
US5802591A (en) | Method and system for preventing unauthorized access to information stored in a computer | |
JP2006048313A (en) | Method for managing storage system managed by a plurality of administrators | |
US6397270B1 (en) | System for indirect communication between two computers, each having write access to its own portion of a dual-access disk drive and read access to the entire drive | |
JP3744248B2 (en) | Fiber channel connected storage subsystem and access method thereof | |
US6804753B1 (en) | Partitioned library | |
JP4122042B1 (en) | Access authority control system | |
JPH0855062A (en) | System and method for limitation of access to medium storagedevice | |
JP4191239B2 (en) | Access authority control system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: LUCENT TECHNOLOGIES INC., NEW JERSEY Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CHESWICK, WILLIAM ROBERTS;REEL/FRAME:009695/0358 Effective date: 19981223 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
FEPP | Fee payment procedure |
Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
FPAY | Fee payment |
Year of fee payment: 8 |
|
FPAY | Fee payment |
Year of fee payment: 12 |
|
AS | Assignment |
Owner name: DEUTSCHE BANK AG NEW YORK BRANCH, AS COLLATERAL AG Free format text: PATENT SECURITY AGREEMENT;ASSIGNORS:LSI CORPORATION;AGERE SYSTEMS LLC;REEL/FRAME:032856/0031 Effective date: 20140506 |
|
AS | Assignment |
Owner name: AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:AGERE SYSTEMS LLC;REEL/FRAME:035365/0634 Effective date: 20140804 |
|
AS | Assignment |
Owner name: AGERE SYSTEMS LLC, PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS (RELEASES RF 032856-0031);ASSIGNOR:DEUTSCHE BANK AG NEW YORK BRANCH, AS COLLATERAL AGENT;REEL/FRAME:037684/0039 Effective date: 20160201 Owner name: LSI CORPORATION, CALIFORNIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENT RIGHTS (RELEASES RF 032856-0031);ASSIGNOR:DEUTSCHE BANK AG NEW YORK BRANCH, AS COLLATERAL AGENT;REEL/FRAME:037684/0039 Effective date: 20160201 |
|
AS | Assignment |
Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH CAROLINA Free format text: PATENT SECURITY AGREEMENT;ASSIGNOR:AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD.;REEL/FRAME:037808/0001 Effective date: 20160201 Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH Free format text: PATENT SECURITY AGREEMENT;ASSIGNOR:AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD.;REEL/FRAME:037808/0001 Effective date: 20160201 |
|
AS | Assignment |
Owner name: AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD., SINGAPORE Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS COLLATERAL AGENT;REEL/FRAME:041710/0001 Effective date: 20170119 Owner name: AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS COLLATERAL AGENT;REEL/FRAME:041710/0001 Effective date: 20170119 |
|
AS | Assignment |
Owner name: AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE. LIMITE Free format text: MERGER;ASSIGNOR:AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD.;REEL/FRAME:047195/0026 Effective date: 20180509 |
|
AS | Assignment |
Owner name: AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE. LIMITE Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE EFFECTIVE DATE OF MERGER PREVIOUSLY RECORDED ON REEL 047195 FRAME 0026. ASSIGNOR(S) HEREBY CONFIRMS THE MERGER;ASSIGNOR:AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD.;REEL/FRAME:047477/0423 Effective date: 20180905 |